<?php
//axun.��ʾ�û��������
// Load configuration variables from database, plog-globals, & plog-includes/plog-functions
require_once(dirname(dirname(__FILE__)).'/plog-load-config.php');
require(PLOGGER_DIR.'plog-admin/plog-admin.php');


//���ǳ�������Ա����ת������ҳ��
if($_SESSION['is_admin']=='0') header("location:is_admin_error.php");


$output='';//output is what all you can see in the page
$output.='<h1>管理员列表:</h1>';

//list all user information
$length=0;//record the length
$thumb_num=21;
$query="SELECT admin_username,thumb_num FROM  plogger_config WHERE is_admin='0'";
$result=run_query($query);
$output.='<table class="option-table" cellspacing="0">';
				
while($row = mysql_fetch_array($result))
  {
  			$output.='<tr class="alt">
						<td class="left"><label for="admin_username">user name:</label></td>
						<td class="right">
						<div style="width:200px;height:30px;float:left;margin-top:10px;"><b>'.$row['admin_username'].'</b></div>
						<div style="width:50px;height:30px;float:left;margin-top:10px;">'.'<a href="del-user.php?username='.$row['admin_username'].'">DELETE</a></div>
						</label></td>
					</tr>';
					$temp[$length]=$row['thumb_num'];
					$length++;
  }
  $length--;//over flow
//select a $thumb_num that not used
for($i=0;$i<100;$i++){
for($j=0;$j<=$length;$j++){
	if($temp[$j]==$thumb_num) $thumb_num++;
	}

}

$output.='</table>'	;	

//function			
					
					
//create new user
$output.='<h1>新建管理员账户:</h1>';

$output.='<form  method="post">
			<table class="option-table" cellspacing="0">
					<tr class="alt">
						<td class="left"><label for="admin_username">新管理员名:</label></td>
						<td class="right"><input size="40" type="text" id="admin_username" name="admin_username"/></td>
					</tr>
					<tr>
						<td class="left"><label for="admin_email">'.plog_tr('新管理员邮箱').':</label></td>
						<td class="right"><input size="40" type="text" id="admin_email" name="admin_email" value="" /></td>
					</tr>
					<tr class="alt">
						<td class="left"><label for="admin_password">'.plog_tr('新管理员密码').':</label></td>
						<td class="right"><input size="40" type="password" id="admin_password" name="admin_password" value="" /></td>
					</tr>
					<tr>
						<td class="left"><label for="confirm_admin_password">'.plog_tr('确认新管理员密码').':</label></td>
						<td class="right"><input size="40" type="password" id="confirm_admin_password" name="confirm_admin_password" value="" /></td>
					</tr>
					<tr>
						<td class="left"></td>
						<td class="right"><input class="submit" type="submit" name="submit" value="'.plog_tr('确认创建').'" /></td>
					</tr>
				</table>
				</form>';

//add user to db
$same=0;
if(isset($_POST['admin_username'])){
	//if the username has already exist then failed
	$query="SELECT admin_username FROM plogger_config";
	$result=run_query($query);
	while($row = mysql_fetch_array($result))
  	{
  		if($row['admin_username']==$_POST['admin_username']) $same=1;
 	 }
	
	if($same==1) {
		$output.= "<b>Failed!This username is already exist!</b>";
	}
	else
	if($_POST['admin_password']==''){
		$output.= "<b>Failed! You havn't set a password!</b>";
		}
	else if($_POST['admin_password']!=$_POST['confirm_admin_password']){
		$output.="<b>Failed! The two input of password is not ecqual!</b>"; 
		}
	else{
		$query="INSERT INTO plogger_config (admin_username,admin_email,admin_password,is_admin,thumb_num) VALUES ('".$_POST['admin_username']."','".$_POST['admin_email']."','";
		
		$query .= md5(mysql_real_escape_string(trim($_POST['admin_password'])))."'";
		$query.=",'0','".$thumb_num."')";
		run_query($query);
		header("location:plog-users.php");//refresh to see the result
		}
}


display($output, 'users');



?>